Make ctr mode behaviour consistent with other modes.

diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index 3dc85762a2b78de6e9da8a4a82bedfbaad25c636..a7fbba3689ff33ebacf98dc13c16f60fc4e289fc 100644 (file)
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -122,7 +122,7 @@ static int aes_counter (EVP_CIPHER_CTX *ctx, unsigned char *out,
 static const EVP_CIPHER aes_128_ctr_cipher=
        {
        NID_aes_128_ctr,1,16,16,
-       EVP_CIPH_CUSTOM_IV,
+       EVP_CIPH_CTR_MODE,
        aes_init_key,
        aes_counter,
        NULL,
@@ -139,7 +139,7 @@ const EVP_CIPHER *EVP_aes_128_ctr (void)
 static const EVP_CIPHER aes_192_ctr_cipher=
        {
        NID_aes_192_ctr,1,24,16,
-       EVP_CIPH_CUSTOM_IV,
+       EVP_CIPH_CTR_MODE,
        aes_init_key,
        aes_counter,
        NULL,
@@ -156,7 +156,7 @@ const EVP_CIPHER *EVP_aes_192_ctr (void)
 static const EVP_CIPHER aes_256_ctr_cipher=
        {
        NID_aes_256_ctr,1,32,16,
-       EVP_CIPH_CUSTOM_IV,
+       EVP_CIPH_CTR_MODE,
        aes_init_key,
        aes_counter,
        NULL,
@@ -188,16 +188,6 @@ static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                return 0;
                }
 
-       if (ctx->cipher->flags&EVP_CIPH_CUSTOM_IV)
-               {
-               if (iv!=NULL)
-                       memcpy (ctx->iv,iv,ctx->cipher->iv_len);
-               else    {
-                       EVPerr(EVP_F_AES_INIT_KEY,EVP_R_AES_IV_SETUP_FAILED);
-                       return 0;
-                       }
-               }
-
        return 1;
        }
 

diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index 037f14be235d3d1e7118678f994467b0e5619ffd..b5f847857fdf38af7449102a126ed317c9776635 100644 (file)
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -326,6 +326,7 @@ struct evp_cipher_st
 #define                EVP_CIPH_CBC_MODE               0x2
 #define                EVP_CIPH_CFB_MODE               0x3
 #define                EVP_CIPH_OFB_MODE               0x4
+#define                EVP_CIPH_CTR_MODE               0x5
 #define        EVP_CIPH_MODE                   0xF0007
 /* Set if variable length cipher */
 #define        EVP_CIPH_VARIABLE_LENGTH        0x8

diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index bead6a2170a0a3d7b6e17caec288cc61edd69ed0..a35621a2ec9d27fc3db44baf9bb499b8711b0e5e 100644 (file)
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -206,11 +206,14 @@ skip_to_init:
                        ctx->num = 0;
 
                        case EVP_CIPH_CBC_MODE:
+                       case EVP_CIPH_CTR_MODE:
 
                        OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <=
                                        (int)sizeof(ctx->iv));
                        if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
-                       memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
+                       /* Don't reuse IV for CTR mode */
+                       if (EVP_CIPHER_CTX_mode(ctx) != EVP_CIPH_CTR_MODE)
+                               memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
                        break;
 
                        default: